NIST eyes removing flawed Dual_EC_DRBG alogrithm from guidelines

Share this article:
Researchers uncover NSA tool, enables faster cracking of flawed RSA algorithm
NIST is looking to remove the flawed Dual_EC_DRBG algorithm from its guidelines.

The National Institute of Standards and Technology (NIST) is seeking to update its guidelines by removing a flawed, community-developed algorithm believed to contain a backdoor.

NIST announced on Monday that it had revised its document, “Recommendation for Random Number Generation Using Deterministic Random Bit Generators,” to exclude the questionable Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG) algorithm.

“NIST is removing the algorithm based on our own evaluation and the lack of public confidence in the algorithm,” Jennifer Huergo, a NIST spokesperson, told SCMagazine.com in a Tuesday email correspondence.

Huergo linked to a revision summary, posted on Monday, which explains how Dual_EC_DRBG is perceived by the public to contain a backdoor. This backdoor could result in attackers predicting secret cryptographic keys, according to the summary.

The revised document, known as SP 800-90A, has only just been opened for public comments, so there has not yet been much of a community response, Huergo said. Commenters have until May 23 to voice their opinions on the update, according to a Monday NIST release.

NIST is urging all users not to wait for further revisions and to quickly begin shifting to one of the other algorithms still supported in the revised document, which include the Hash_DRBG, HMAC_DRBG, and CTR_DRBG algorithms.

In September 2013, NIST advised against using Dual_EC_DRBG due to a possible backdoor. Shortly after, RSA, which used the algorithm in all its BSAFE Toolkits, recommended shifting to one of the different algorithms built into the BSAFE Toolkit.

In December 2013, reports suggested that RSA entered into a $10 million secret agreement with the National Security Agency (NSA) to continue using the flawed algorithm in its products, but RSA quickly denied the allegations.

Share this article:

Sign up to our newsletters

More in News

Incapsula mitigates multi-vector DDoS attack lasting longer than a month

Incapsula mitigates multi-vector DDoS attack lasting longer than ...

Incapsula's scrubbing servers were able to filter out more than 50 petabits of malicious DDoS traffic aimed at a video game company for longer than a month.

UPS announces breach impacting 51 U.S. locations

The shipping and printing provider said malware has been present on some stores' computer systems since mid-January.

'Machete' espionage campaign targets orgs in Venezuela, Ecuador

The campaign targets Spanish speaking victims, which also appears to be the native language of attackers.